isms-audit-expert

Solid

Information Security Management System (ISMS) audit expert for ISO 27001 compliance verification, security control assessment, and certification support. Use when the user mentions ISO 27001, ISMS audit, Annex A controls, Statement of Applicability (SOA), gap analysis, nonconformity management, internal audit, surveillance audit, or security certification preparation. Helps review control implementation evidence, document audit findings, classify nonconformities, generate risk-based audit plans, map controls to Annex A requirements, prepare Stage 1 and Stage 2 audit documentation, and support corrective action workflows.

AI & Automation 16,642 stars 2295 forks Updated yesterday MIT

Quality Score: 96/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# ISMS Audit Expert

Internal and external ISMS audit management for ISO 27001 compliance verification, security control assessment, and certification support.

## Table of Contents

- [Audit Program Management](#audit-program-management)
- [Audit Execution](#audit-execution)
- [Control Assessment](#control-assessment)
- [Finding Management](#finding-management)
- [Certification Support](#certification-support)
- [Tools](#tools)
- [References](#references)

---

## Audit Program Management

### Risk-Based Audit Schedule

| Risk Level | Audit Frequency | Examples |
|------------|-----------------|----------|
| Critical | Quarterly | Privileged access, vulnerability management, logging |
| High | Semi-annual | Access control, incident response, encryption |
| Medium | Annual | Policies, awareness training, physical security |
| Low | Annual | Documentation, asset inventory |

### Annual Audit Planning Workflow

1. Review previous audit findings and risk assessment results
2. Identify high-risk controls and recent security incidents
3. Determine audit scope based on ISMS boundaries
4. Assign auditors ensuring independence from audited areas
5. Create audit schedule with resource allocation
6. Obtain management approval for audit plan
7. **Validation:** Audit plan covers all Annex A controls within certification cycle

### Auditor Competency Requirements

- ISO 27001 Lead Auditor certification (preferred)
- No operational responsibility for audited processes
- Understanding of te...

Details

Author
alirezarezvani
Repository
alirezarezvani/claude-skills
Created
7 months ago
Last Updated
yesterday
Language
Python
License
MIT

Similar Skills

Semantically similar based on skill content — not just same category

Code & Development Solid

isms-audit-expert

Senior ISMS Audit Expert for internal and external information security management system auditing. Provides ISO 27001 audit expertise, security audit program management, security control assessment, and compliance verification. Use for ISMS internal auditing, external audit preparation, security control testing, and ISO 27001 certification support.

27,681 Updated today
davila7
Code & Development Listed

isms-audit-expert

Senior ISMS Audit Expert for internal and external information security management system auditing. Provides ISO 27001 audit expertise, security audit program management, security control assessment, and compliance verification. Use for ISMS internal auditing, external audit preparation, security control testing, and ISO 27001 certification support.

335 Updated today
aiskillstore
AI & Automation Solid

qms-audit-expert

ISO 13485 internal audit expertise for medical device QMS. Covers audit planning, execution, nonconformity classification, and CAPA verification. Use for internal audit planning, audit execution, finding classification, external audit preparation, or audit program management.

16,642 Updated yesterday
alirezarezvani
AI & Automation Solid

qms-audit-expert

Senior QMS Audit Expert for internal and external quality management system auditing. Provides ISO 13485 audit expertise, audit program management, nonconformity identification, and corrective action verification. Use for internal audit planning, external audit preparation, audit execution, and audit follow-up activities.

27,681 Updated today
davila7
AI & Automation Listed

qms-audit-expert

Senior QMS Audit Expert for internal and external quality management system auditing. Provides ISO 13485 audit expertise, audit program management, nonconformity identification, and corrective action verification. Use for internal audit planning, external audit preparation, audit execution, and audit follow-up activities.

335 Updated today
aiskillstore